期刊文献+

边缘计算构架下基于孤立森林算法的DoS异常检测 被引量:21

DoS Anomaly Detection Based on Isolation Forest Algorithm Under Edge Computing Framework
下载PDF
导出
摘要 随着网络技术的快速发展,网络攻击带来了极大的负面影响,因此网络安全问题亟待解决。针对网络攻击中的拒绝服务(Denial of Service,DoS)攻击,提出了一种基于边缘计算框架的孤立森林网络异常检测方法。该方法根据每个边缘节点的特性实现对模型训练任务的合理分配,有效地提高了边缘节点的利用效率;同时,利用边缘计算的特点实现了对云中心模型训练任务的分流,从而更好地减少系统的耗时,减轻云中心的任务负担。为了验证所提方法的有效性,对10%-KDDCUP99网络数据集进行预处理,并提取部分数据用于实验。实验结果表明,与支持向量机(Support Vector Machine,SVM)和多层感知器(Multi-Layer Perceptron,MLP)方法相比,所提方法将系统建立时间分别缩短了90%和60%,且得出的曲线下面积(Area Under Curve,AUC)可达0.9以上,这证明该方法能够在确保较高异常检测性能条的件下有效减少异常检测系统的建立时间。 With the rapid development of network technology,network attacks have brought huge negative impacts,so network security issues need to be resolved urgently.Aiming at denial of service(DoS)attacks in networks,an anomaly detection method for isolated forest based on edge computing framework was proposed.According to the characteristics of each edge node,the method realizes the reasonable distribution of the model training tasks and effectively improves the utilization efficiency of edge nodes.Meanwhile,the characteristics of edge computing are utilized to realize the offloading of model training tasks from cloud center,so as to better reduce the time consumption of the system and reduce the burdenof the cloud center.In order to verify the effectiveness of the proposed method,the 10%-KDDCUP99 network dataset is preprocessed and partial data used for experiments.Experimental results show that compared with the Support Vector Machine(SVM)and Multi-Layer Perceptron(MLP)methods,time consumption of proposed method is reduced by 90%and 60%respectively,and area under curve(AUC)can reach more than 0.9,which indicates that the method can effectively reduce the system time consumption and ensure a high detection performance.
作者 陈佳 欧阳金源 冯安琪 吴远 钱丽萍 CHEN Jia;OUYANG Jin-yuan;FENG An-qi;WU Yuan;QIAN Li-ping(College of Information Engineering,Zhejiang University of Technology,Hangzhou 310023,China)
出处 《计算机科学》 CSCD 北大核心 2020年第2期287-293,共7页 Computer Science
基金 国家自然科学基金(61572440) 浙江省自然科学基金(LR16F010003,LR17F010002)~~
关键词 异常检测 边缘计算 孤立森林 DOS攻击 数据预处理 Anomaly detection Edge computing Isolation forest DoS attack Data preprocessing
  • 相关文献

参考文献6

二级参考文献38

  • 1孙钦东,张德运,高鹏.基于时间序列分析的分布式拒绝服务攻击检测[J].计算机学报,2005,28(5):767-773. 被引量:55
  • 2薄翠梅,张湜,王执铨,李俊.基于滑动时间窗的支持向量机软测量建模研究[J].自动化仪表,2006,27(1):45-48. 被引量:14
  • 3王洁松 张小飞.KDDCutp99网络入侵检测数据的分析和预处理.科技信息,2008,(15):179-182.
  • 4赵新星,姜青山,胡海斌.一种面向网络入侵检测的特征选择方法[J].计算机研究与发展,2009,46(z2):477-482.
  • 5KangZhang.KDDCUP99数据集之背景知识[EB/OL].2010.ht-tp://xifage.com/kdd-cup一99一dataset一1/.
  • 6Hettich S,Bay S D. KDD cup 1999data[ EB/OL]. 1999. http://kdd. ics. uci. edu/databases/kddcup99, html.
  • 7Haines J W,Lippmann R P, Fried D J, et al. Boswell, 1999 DARPA Intrusion Detection Evaluation: Design and Procedures [ C ]. MIT Lin- coln Laboratory: Lexington, MA, 2001.
  • 8陈路莹,姜青山,陈黎飞.一种面向网络入侵检测的特征选择方法[J].计算机研究与发展,2008,45(S):156-160.
  • 9I.F. Akyildiz,W. Su,Y. Sankarasubramaniam,E. Cayirci.Wireless sensor networks: a survey[J]. Computer Networks . 2002 (4)
  • 10Y. Zhang,N.A.S. Hamm,N. Meratnia,A. Stein,M. van de Voort,P.J.M. Havinga.Statistics-based outlier detection for wireless sensor networks[J]. International Journal of Geographical Information Science . 2012 (8)

共引文献583

同被引文献183

引证文献21

二级引证文献68

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部